Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Sa0CW8dFn8p5BHXDpZvBxtNWY3Q.roa
File: Sa0CW8dFn8p5BHXDpZvBxtNWY3Q.roa (raw, json)
Hash identifier: MNdZ20VmjSCKFE6xf2ShlGRetQUI9hS+3klQCCcsff4=
Subject key identifier: 49:AD:02:5B:C7:45:9F:CA:79:04:75:C3:A5:9B:C1:C6:D3:56:63:74
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01919820F630095ED1107AC566B17D3F1E01
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Sa0CW8dFn8p5BHXDpZvBxtNWY3Q.roa
Signing time: Wed 28 Aug 2024 08:36:22 +0000
ROA not before: Wed 28 Aug 2024 08:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 83.147.222.0/24 maxlen: 24
83.147.244.0/22 maxlen: 24
91.186.200.0/22 maxlen: 24
91.186.204.0/22 maxlen: 24
91.186.216.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.12.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 06:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:20:f6:30:09:5e:d1:10:7a:c5:66:b1:7d:3f:1e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 28 08:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49ad025bc7459fca790475c3a59bc1c6d3566374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7b:04:6d:70:86:36:4f:c9:ee:d7:95:5e:93:
d0:60:51:d4:04:41:3a:c0:b5:51:da:f9:11:16:ea:
73:6b:d3:90:bf:b6:b6:ff:76:68:b1:3d:d9:fa:4c:
d2:61:e2:c6:a0:a7:2e:5f:0a:f0:f9:5f:48:ef:95:
e1:d8:9b:b6:03:09:25:c2:2c:1b:f4:0b:e0:e7:45:
7f:9d:b1:dc:0c:07:11:15:cd:8c:63:67:e1:09:79:
b6:05:08:74:99:98:ab:b6:10:cd:a0:37:d7:24:dc:
62:91:c1:3b:95:b9:43:bd:13:f0:91:2f:1a:e0:f5:
b2:2a:38:0f:51:f6:10:3b:0f:44:82:95:97:9d:61:
50:31:9f:2f:1e:5d:3b:cb:92:d7:b0:3f:1c:96:1e:
4c:c6:1b:df:40:50:71:e0:c5:81:a2:4d:f9:18:66:
d6:a5:ed:a8:6b:1b:22:4f:cf:ea:13:d9:e5:47:f8:
65:3e:1f:6c:25:dc:a3:4f:3a:6a:6f:90:05:69:74:
8e:6e:f9:6b:1a:6d:59:15:3a:59:33:d1:9c:4d:31:
90:03:f8:30:03:ad:22:55:01:b0:b9:10:93:06:f6:
8d:4a:0a:af:92:b4:83:b4:c1:39:ab:3b:ef:28:8b:
81:59:9d:45:ed:aa:1f:3d:3f:07:5e:e4:0a:bb:b2:
f2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AD:02:5B:C7:45:9F:CA:79:04:75:C3:A5:9B:C1:C6:D3:56:63:74
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/Sa0CW8dFn8p5BHXDpZvBxtNWY3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.222.0/24
83.147.244.0/22
91.186.200.0/21
91.186.216.0/23
94.241.168.0/21
178.253.12.0/23
Signature Algorithm: sha256WithRSAEncryption
60:91:f5:f7:09:3f:43:93:4b:f0:66:6e:30:0c:46:cc:94:59:
79:10:e7:4b:bf:44:db:34:0f:2b:4b:c0:18:aa:b6:21:8d:69:
a0:3d:ee:62:5b:db:c9:44:fa:d5:89:71:6e:7e:21:7f:1e:be:
41:23:ad:c1:6b:59:e1:2f:c6:77:4b:08:df:ca:44:5f:65:50:
04:d4:e0:9b:d0:f0:f3:1f:ba:18:3e:7b:9e:db:e7:a7:50:19:
b1:7a:80:36:71:42:de:03:f1:5a:1f:e2:43:1a:42:2b:bd:23:
c6:7e:23:ba:f1:c6:43:ee:52:8f:c8:92:6c:28:a4:7b:a5:0f:
88:b8:48:1e:f6:ff:55:c3:bd:99:12:a9:e1:7a:d5:6e:a0:a5:
ab:df:42:fc:2b:af:8e:31:ee:83:88:8a:76:d3:57:e4:23:cb:
d3:7b:85:ec:5f:68:c3:0e:d5:0f:be:e1:4a:a8:43:95:00:48:
35:f4:d3:91:81:c5:b5:72:d1:52:4c:1e:35:a3:1e:b4:6e:43:
fa:60:05:d1:e2:b9:75:24:31:78:69:f3:44:e7:ab:c2:d8:44:
9d:a0:39:66:32:34:ac:7f:fe:f7:74:41:a8:37:3f:7c:7d:31:
b1:fd:82:90:8a:41:99:b0:87:0c:c2:a0:87:b4:bc:8a:3d:4b:
e9:08:de:16
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZGYIPYwCV7REHrFZrF9Px4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwODI4MDgzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWFkMDI1YmM3NDU5ZmNhNzkwNDc1YzNhNTliYzFjNmQzNTY2Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXsEbXCGNk/J7teVXpPQYFHUBEE6
wLVR2vkRFupza9OQv7a2/3ZosT3Z+kzSYeLGoKcuXwrw+V9I75Xh2Ju2Awklwiwb
9Avg50V/nbHcDAcRFc2MY2fhCXm2BQh0mZirthDNoDfXJNxikcE7lblDvRPwkS8a
4PWyKjgPUfYQOw9EgpWXnWFQMZ8vHl07y5LXsD8clh5MxhvfQFBx4MWBok35GGbW
pe2oaxsiT8/qE9nlR/hlPh9sJdyjTzpqb5AFaXSObvlrGm1ZFTpZM9GcTTGQA/gw
A60iVQGwuRCTBvaNSgqvkrSDtME5qzvvKIuBWZ1F7aofPT8HXuQKu7LyHwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEmtAlvHRZ/KeQR1w6WbwcbTVmN0MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvU2EwQ1c4ZEZuOHA1QkhYRHBadkJ4dE5XWTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAU5PeAwQC
U5P0AwQDW7rIAwQBW7rYAwQDXvGoAwQBsv0MMA0GCSqGSIb3DQEBCwUAA4IBAQBg
kfX3CT9Dk0vwZm4wDEbMlFl5EOdLv0TbNA8rS8AYqrYhjWmgPe5iW9vJRPrViXFu
fiF/Hr5BI63Ba1nhL8Z3SwjfykRfZVAE1OCb0PDzH7oYPnue2+enUBmxeoA2cULe
A/FaH+JDGkIrvSPGfiO68cZD7lKPyJJsKKR7pQ+IuEge9v9Vw72ZEqnhetVuoKWr
30L8K6+OMe6DiIp201fkI8vTe4XsX2jDDtUPvuFKqEOVAEg19NORgcW1ctFSTB41
ox60bkP6YAXR4rl1JDF4afNE56vC2ESdoDlmMjSsf/73dEGoNz98fTGx/YKQikGZ
sIcMwqCHtLyKPUvpCN4W
Generated at Sun Sep 1 08:00:12 2024 by rpki-client on console-fra.rpki-client.org